Vulnerable subcomponent: Flash File Uploader

Problem Description: TYPO3 bundles and uses an external JavaScript & Flash upload library called swfupload, and TYPO3 can be configured to use this Flash uploader. Input passed via the "movieName" parameter to swfupload.swf is not properly sanitised before it is used in a call to "ExternalInterface.call()", which hands the Flash player a JavaScript expression string to evaluate in the hosting page. This can be exploited to execute arbitrary script code in a user's browser session in the context of an affected site. Because the vulnerable swfupload.swf is reachable as a static file, the mere presence of the swfupload library in the installation is sufficient to be affected by the reported problem; the Flash uploader does not have to be enabled.
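The injection pattern described above, modelled in plain JavaScript as an added illustration. This is not swfupload's or TYPO3's code: it assumes (as an assumption, not a fact taken from the advisory) that the SWF reaches its JavaScript side through an expression of the form SWFUpload.instances["<movieName>"].<callback>(), and it stands in for the Flash player's evaluation of that string with the Function constructor. The attacker input and the fake host objects are constructed for the example.

```javascript
// Added example, not swfupload code. Models how an unsanitised movieName
// breaks out of the quoted index in a JavaScript expression string that a
// Flash movie passes to ExternalInterface.call(), and how a character
// whitelist applied before the call prevents it.
// Assumption: the callback expression has the shape
//   SWFUpload.instances["<movieName>"].<callback>()

// Vulnerable pattern: movieName (from the SWF's FlashVars / query string,
// i.e. attacker-controlled) is concatenated into the expression unchanged.
function buildCallbackVulnerable(movieName, callback) {
  return 'SWFUpload.instances["' + movieName + '"].' + callback + '()';
}

// Hardened pattern: an instance name only needs identifier characters, so
// anything else is rejected before the string reaches ExternalInterface.call().
const SAFE_NAME = /^[A-Za-z0-9_-]+$/;
function buildCallbackHardened(movieName, callback) {
  if (!SAFE_NAME.test(movieName)) {
    throw new Error('movieName contains characters outside [A-Za-z0-9_-]');
  }
  return 'SWFUpload.instances["' + movieName + '"].' + callback + '()';
}

// Constructed attacker input: closes the quoted index, terminates the
// statement, appends arbitrary script and comments out the remainder.
const PAYLOAD = 'x"];alert(document.cookie);//';

// Simulated hosting page: records which "script" actually ran. The Function
// constructor plays the role of the Flash player evaluating the expression
// string in the page's origin; the fake globals are passed in as parameters.
function simulateExternalInterfaceCall(expr) {
  const executed = [];
  const fakeSWFUpload = {
    instances: { x: { flashReady() { executed.push('flashReady'); } } },
  };
  const fakeAlert = (v) => executed.push('alert:' + v);
  const fakeDocument = { cookie: 'session=abc' }; // constructed sample value
  new Function('SWFUpload', 'alert', 'document', expr)(
    fakeSWFUpload, fakeAlert, fakeDocument);
  return executed;
}

// Benign name: only the intended callback runs.
simulateExternalInterfaceCall(buildCallbackVulnerable('x', 'flashReady'));
// Malicious name through the vulnerable builder: the injected alert runs
// with the page's cookie, the intended callback never does.
simulateExternalInterfaceCall(buildCallbackVulnerable(PAYLOAD, 'flashReady'));
```

The whitelist is the cheap fix on the SWF side; the advisory's actual remedy is to update TYPO3 so that the fixed swfupload build ships, since the vulnerable file is reachable regardless of whether the uploader is configured.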

Note: The vulnerability in the swfupload library is addressed by Secunia Advisory SA49651.

Solution: Update to TYPO3 version 4.5.17, 4.6.10 or 4.7.2, which fix the problem described.

Credits: Credits go to Nathan Partlan and Neal Poole, who discovered the original movieName XSS vulnerability in the swfupload library, and to Lukas Reschke, who reported the problem to the TYPO3 Security Team.